[keycloak-user] Stateless Confidential Client
Etienne Sauriol
etienne.sauriol at scigilian.com
Fri May 19 14:40:00 EDT 2017
Hi,
Is it possible to have stateless confidention client using openId and
signed JWT?
I'm using Keycloak 3.1 and a spring boot app with both spring boot adapter
and spring security adapter.
Everything works fine, but looking at requests to secured endpoints, there
is only a JSESSIONID in the cookies. No authorization bearer header or
cookies even if I added token-store: cookie in my application.yml.
I'm not sure if this is required but when trying to add in my configuration
file,
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
weird things happen.
Thanks,
Etienne
More information about the keycloak-user
mailing list